[Distutils] PEP 438 - Transition Phase 1
Donald Stufft
donald at stufft.io
Mon May 20 13:14:06 CEST 2013
On May 20, 2013, at 2:44 AM, Marius Gedminas <marius at pov.lt> wrote:
> On Mon, May 20, 2013 at 02:21:05AM -0400, Donald Stufft wrote:
>>
>> On May 20, 2013, at 2:18 AM, Lennart Regebro <regebro at gmail.com> wrote:
>>
>>> On Sun, May 19, 2013 at 10:20 PM, Donald Stufft <donald at stufft.io> wrote:
>>>> Hrm, ZPT doesn't seem to be stripping the CDATA or unescaping the strings?
>>>>
>>>> https://gist.github.com/dstufft/5608838 is what i have in the template file and that appears verbatim in the output?
>>>
>>> Yes? It will escape *data* inserted into the template (unless told not
>>> to), but what is in the template will appear in the output unescaped.
>>> I'm not sure how any template system can work otherwise, but perhaps
>>> I've been using Zope too long. :-)
>>>
>>> //Lennart
>>
>> Maybe you can tell me what I'm doing wrong?
>
> Using zope.pagetemplate. ;)
>
> More seriously, zope.pagetemplate has two parsing modes: HTML and XML.
> Nobody actually uses the XML mode (pt files start with an <?xml?>
> declaration, all tal/metal namespaces must be explicitly defined using
> xmlns:tal=url-that-nobody-can-remember). The HTML mode allows you to
> write Javascript just like you would do it in a browser, with no extra
> XML-quoting:
>
> <script type="text/javascript>
> if (1 < 2) alert("it works!");
> </script>
>
> Does this not work for you? I'm currently looking at a Zope3 app that
> does precisely this in its working page templates.
Nope, copy/pasted that directly and this is what I got on page load (render):
https://gist.github.com/dstufft/5611660
I think PyPI might be using XML mode because I seem to recall there being a comment or a commit message referencing the need to do something a particular way because we were in XML mode.
>
>> I need to insert a <script> tag with Javascript in it. Tres told me to
>> put the contents of the script tag in CDATA blocks which I did, and
>> then when the template was rendered it still had the CDATA blocks so
>> it was invalid javascript.
>
> I seem to recall hacks of the form
>
> <script ...>
> // <![CDATA[
> ...
> // ]]>
> </script>
>
> but I haven't seen one in a really long time.
>
>> He also said to just put the javascript in the body of the script but
>> xml escape it. Which I did, and when the template was rendered the
>> data was still xml escaped and again invalid javascript.
>
> I think scripts in XHTML were supposed to be XML-escaped. AFAIU
> zope.pagetemplate was designed back when XHTML was supposed to be The
> Bright Future of the Web.
>
> Marius Gedminas
> --
> Always proofread carefully to see if you any words out.
> _______________________________________________
> Distutils-SIG maillist - Distutils-SIG at python.org
> http://mail.python.org/mailman/listinfo/distutils-sig
-----------------
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 841 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://mail.python.org/pipermail/distutils-sig/attachments/20130520/b51c515e/attachment.pgp>
More information about the Distutils-SIG
mailing list